Abstract


This document provides test vectors to validate implementations of the two mandatory 
authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. 
This includes validation of the key derivation function (KDF) based on a set of test connection 
parameters as well as validation of the message authentication code (MAC). Vectors are provided 
for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC-SHA-1-96,
and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole
TCP segments as well as segments whose options are excluded for middlebox traversal. 


Status of This Memo 


This document is not an Internet Standards Track specification; it is published for informational 
purposes. 


This document is a product of the Internet Engineering Task Force (IETF). It represents the 
consensus of the IETF community. It has received public review and has been approved for 
publication by the Internet Engineering Steering Group (IESG). Not all documents approved by 
the IESG are candidates for any level of Internet Standard; see Section 2 of RFC 7841. 


Information about the current status of this document, any errata, and how to provide feedback
on it may be obtained at https://www.rfc-editor.org/info/rfc9235. 


Copyright Notice 


Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights 
reserved. 


This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF 
Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this 
document. Please review these documents carefully, as they describe your rights and restrictions 
with respect to this document. Code Components extracted from this document must include
Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are 
provided without warranty as described in the Revised BSD License. 

1. Introduction


This document provides test vectors to validate the correct implementation of the TCP 
Authentication Option (TCP-AO) [RFC5925] and its mandatory cryptographic algorithms defined 
in [RFC5926]. It includes the specification of all endpoint parameters to generate the variety of 
TCP segments covered by different keys and MAC coverage, i.e., both the default case and the 
variant where TCP options are ignored for middlebox traversal. It also includes both default key 
derivation functions (KDFs) and MAC generation algorithms [RFC5926] and lists common pitfalls 
of implementing the algorithms correctly. 


The experimental extension to support NAT traversal [RFC6978] is not included in the provided 
test vectors. 


This document provides test vectors from multiple implementations that have been validated 
against each other for interoperability. 


2. Conventions Used in This Document 


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", 
"RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be 
interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 
capitals, as shown here. 


3. Input Test Vectors 


3.1. TCP Connection Parameters 


The following parameters are used throughout this suite of test vectors. The terms 'active' and 
'passive' are used as defined for TCP [RFC0793].

3.1.1. TCP-AO Parameters
The following values are used for all exchanges. This suite does not test key switchover. The
KeyIDs are as indicated for TCP-AO [RFC5925]. The Master Key is used to derive the traffic keys
[RFC5926].

Active (client) side KeyID: 61 decimal (0x3d hexadecimal) 

Passive (server) side KeyID: 84 decimal (0x54 hexadecimal) 


Master_Key: "testvector" (length = 10 bytes) 


3.1.2. Active (Client) Side Parameters 
The following endpoint parameters are used on the active side of the TCP connection, i.e., the side 
that initiates the TCP SYN. 

For IPv4: 10.11.12.13 (dotted decimal) 

For IPv6: fd00::1 (IPv6 hexadecimal) 

TCP port: (varies) 


3.1.3. Passive (Server) Side Parameters 
The following endpoint parameters are used for the passive side of the TCP connection, i.e., the 
side that responds with a TCP SYN-ACK. 

For IPv4: 172.27.28.29 (dotted decimal) 

For IPv6: fd00::2 (IPv6 hexadecimal) 

TCP port = 179 decimal (BGP) 


3.1.4. Other IP Fields and Options 
No IP options are used in these test vectors.

All IPv4 packets use the following other parameters [RFC0791]: Differentiated Services Code Point
(DSCP) = 111000 binary (CS7) as is typical for BGP, Explicit Congestion Notification (ECN) = 00
binary, set the Don't Fragment (DF) bit, and clear the More Fragments (MF) bit.


IPv4 uses a TTL of 255 decimal; IPv6 uses a hop limit of 255 decimal. 


All IPv6 packets use the following other parameters [RFC8200]: traffic class = 0xe0 hexadecimal
(DSCP = 111000 binary CS7, as is typical for BGP, with ECN = 00 binary) and no Extension Headers 
(EHs). 


3.1.5. Other TCP Fields and Options 


The SYN and SYN-ACK segments include Maximum Segment Size (MSS) [RFC0793], No Operation 
(NOP), Window Scale [RFC7323], Selective Acknowledgment (SACK) permitted [RFC2018], 
Timestamp [RFC7323], and TCP-AO [RFC5925], in that order. 


Touch & Kuusisaari Informational Page 5 


RFC 9235 TCP-AO Test Vectors May 2022 


All other example segments include NOP, NOP, Timestamp, and TCP-AO, in that order. 


All segment urgent (URG) pointers are zero [RFC0793]. All segments with data set the push (PSH) 
flag [RFC0793]. 


Each TCP connection below uses the Initial Sequence Numbers (ISNs) as indicated at the front of 
each corresponding section. 


4. IPv4 SHA-1 Output Test Vectors 


The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, are computed as 
specified for TCP-AO [RFC5926]. 


In the following sections, all values are indicated as 2-digit hexadecimal values with spacing per 
line representing the contents of 16 consecutive bytes, as is typical for data dumps. The IP/TCP 
data indicates the entire IP packet, including the TCP segment and its options (whether covered 
by TCP-AO or not, as indicated), including TCP-AO. 

4.1. HMAC-SHA-1-96 (Default - Covers TCP Options) 


4.1.1. Send (Client) SYN (Covers Options) 


Client ISN = 0xfbfbab5a

Send_SYN_traffic_key:

6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04
16 ab b7 4f

IPv4/TCP:

45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d
ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5a 00 00 00 00
e0 02 ff ff ca c4 00 00 02 04 05 b4 01 03 03 08
04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54
2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

MAC:

2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

4.1.2. Receive (Server) SYN-ACK (Covers Options)

Server ISN = 0x11c14261

Receive_SYN_traffic_key:

d9 e2 17 e4 83 4a 80 ca
79 7f ea 96

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


4.1.3. Send (Client) Non-SYN (Covers Options) 


Send_other_traffic_key:

d2 e5 9c 65 ff c7 b1
24 a1 3d 7

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

4.1.4. Receive (Server) Non-SYN (Covers Options)

Receive_other_traffic_key:

d9 e2 17 e4 83 4a 80 ca
79 7f ea 96

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


4.2. HMAC-SHA-1-96 (Omits TCP Options)

4.2.1. Send (Client) SYN (Omits Options)

Client ISN = 0xcb0efbee

Send_SYN_traffic_key:

30 ea a1 56 0c f0 be 57
42 3c d7

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

4.2.2. Receive (Server) SYN-ACK (Omits Options)

Server ISN = 0xacd5b5e1

Receive_SYN_traffic_key:

b5 b2 89 6b b3 66 4e 81
01 a8 30 7f

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


4.2.3. Send (Client) Non-SYN (Omits Options) 


Send_other_traffic_key:

f3 db 17 93 d7 91 Be
34 59 53 e3

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

4.2.4. Receive (Server) Non-SYN (Omits Options)

Receive_other_traffic_key:

b5 b2 89 6b b3 66 4e 81
01 a8 30 7f

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


5. IPv4 AES-128 Output Test Vectors

The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and AES-128-CMAC-96, are computed
as specified for TCP-AO [RFC5926].

In the following sections, all values are indicated as 2-digit hexadecimal values with spacing per
line representing the contents of 16 consecutive bytes, as is typical for data dumps. The IP/TCP
data indicates the entire IP packet, including the TCP segment and its options (whether covered
by TCP-AO or not, as indicated), including TCP-AO.

5.1. AES-128-CMAC-96 (Default - Covers TCP Options)

5.1.1. Send (Client) SYN (Covers Options)

Client ISN = 0x787a1ddf

Send_SYN_traffic_key:

f5 b8 b3 d5 f3 4f db b6

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


5.1.2. Receive (Server) SYN-ACK (Covers Options) 


Server ISN = 0xfadd6de9

Receive_SYN_traffic_key:

4b c7 57 1a 48 6f 32 64

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

5.1.3. Send (Client) Non-SYN (Covers Options)

Send_other_traffic_key:

8c 8a e0 e8 37 1e c5

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


5.1.4. Receive (Server) Non-SYN (Covers Options) 


Receive_other_traffic_key:

4b c7 57 1a 48 6f 32 64

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

5.2. AES-128-CMAC-96 (Omits TCP Options)

5.2.1. Send (Client) SYN (Omits Options)

Client ISN = 0x389bed71

Send_SYN_traffic_key:

2c db ae 13 92 c4 94 49

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


5.2.2. Receive (Server) SYN-ACK (Omits Options) 


Server ISN = 0xd3844a6f

Receive_SYN_traffic_key:

3c e6 7a 55 18 69 50 6b

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

5.2.3. Send (Client) Non-SYN (Omits Options)

Send_other_traffic_key:

03 5b c4 08 a3 41 ff

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]


5.2.4. Receive (Server) Non-SYN (Omits Options) 


Receive_other_traffic_key:

3c e6 7a 55 18 69 50 6b

[Remaining traffic key bytes and the IPv4/TCP packet and MAC hex dumps are not recoverable from this copy.]

6. IPv6 SHA-1 Output Test Vectors

The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, are computed as
specified for TCP-AO [RFC5926].


6.1. HMAC-SHA-1-96 (Default - Covers TCP Options) 


6.1.1. Send (Client) SYN (Covers Options) 


Client ISN = 0x176a833f

Send_SYN_traffic_key:

62 5e c0 9d 57 58 36 ed
89 a3 61 bb

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


6.1.2. Receive (Server) SYN-ACK (Covers Options) 


Server ISN = 0x3f51994b

Receive_SYN_traffic_key:

e4 a3 7a da 2a 0a fc a8
71 eb cb 4a

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

6.1.3. Send (Client) Non-SYN (Covers Options)

Send_other_traffic_key:

1e d8 29 75 f4 ea 44
bb c9 1b 7e

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


6.1.4. Receive (Server) Non-SYN (Covers Options) 


Receive_other_traffic_key:

e4 a3 7a da 2a 0a fc a8
71 eb cb 4a

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

6.2. HMAC-SHA-1-96 (Omits TCP Options)

6.2.1. Send (Client) SYN (Omits Options)

Client ISN = 0x020c1e69

Send_SYN_traffic_key:

31 a3 fa f6 9e ff ae 52
27 0a 4e dc

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


6.2.2. Receive (Server) SYN-ACK (Omits Options) 


Server ISN = 0xeba3734d

Receive_SYN_traffic_key:

40 51 08 94 7f 99 65 75
c7 fa 91 bd

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

6.2.3. Send (Client) Non-SYN (Omits Options)

Send_other_traffic_key:

b3 4e ed 6a 93 96 a6

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


6.2.4. Receive (Server) Non-SYN (Omits Options) 


Receive_other_traffic_key:

40 51 08 94 7f 99 65 75
c7 fa 91 bd

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

7. IPv6 AES-128 Output Test Vectors

The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and AES-128-CMAC-96, are computed
as specified for TCP-AO [RFC5926].


7.1. AES-128-CMAC-96 (Default - Covers TCP Options) 


7.1.1. Send (Client) SYN (Covers Options) 


Client ISN = 0x193cccec

Send_SYN_traffic_key:

fa 5a 21 08 88 2d 39 d0

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


7.1.2. Receive (Server) SYN-ACK (Covers Options) 


Server ISN = 0xa6744ecb

Receive_SYN_traffic_key:

cf 1b 1e 22 5e 06 a6 36

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

7.1.3. Send (Client) Non-SYN (Covers Options)

Send_other_traffic_key:

61 74 c3 55 7a be d2

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


7.1.4. Receive (Server) Non-SYN (Covers Options) 


Receive_other_traffic_key:

cf 1b 1e 22 5e 06 a6 36

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

7.2. AES-128-CMAC-96 (Omits TCP Options)

7.2.1. Send (Client) SYN (Omits Options)

Client ISN = 0xb01da74a

Send_SYN_traffic_key:

a9 4f 51 12 63 e4 09 3d

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


7.2.2. Receive (Server) SYN-ACK (Omits Options) 


Server ISN = 0xa6246145

Receive_SYN_traffic_key:

92 de a5 bb c7 8b 1d 9f

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

7.2.3. Send (Client) Non-SYN (Omits Options)

Send_other_traffic_key:

4f b2 08 6e 40 2c 67

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]


7.2.4. Receive (Server) Non-SYN (Omits Options) 


Receive_other_traffic_key:

92 de a5 bb c7 8b 1d 9f

[Remaining traffic key bytes and the IPv6/TCP packet and MAC hex dumps are not recoverable from this copy.]

8. Observed Implementation Errors


The following is a partial list of implementation errors that this set of test vectors is intended to 
validate. 


8.1. Algorithm Issues

* The underlying implementation of HMAC-SHA-1-96 or AES-128-CMAC-96 does not pass their
  corresponding test vectors [RFC2202] [RFC4493].

* The SNE algorithm does not consider corner cases, possibly because the pseudocode in
  [RFC5925] was not intended as complete, as discussed in [RFC9187], the latter of which
  includes its own validation sequence.


8.2. Algorithm Parameters

* KDF context length is incorrect, e.g., it does not include TCP header length + payload length (it
  should, per Section 5.2 of TCP-AO [RFC5925]).

* KDF calculation does not start from counter i = 1 (it should, per Section 3.1.1 of TCP-AO crypto
  algorithms [RFC5926]).

* KDF calculation does not include output length in bits, contained in two bytes in network
  byte order (it should, per Section 3.1.1 of the TCP-AO crypto algorithms [RFC5926]).

* KDF uses keys generated from current TCP segment sequence numbers (KDF should use only
  local and remote ISNs or zero, as indicated in Section 5.2 of TCP-AO [RFC5925]).


8.3. String Handling Issues 


The strings indicated in TCP-AO and its algorithms are indicated as a sequence of bytes of known 
length. In some implementations, string lengths are indicated by a terminal value (e.g., zero in C). 
This terminal value is not included as part of the string for calculations. 


* The password includes the last zero-byte (it should not).

* The label "TCP-AO" includes the last zero byte (it should not).


8.4. Header Coverage Issues 


* TCP checksum and/or MAC is not zeroed properly before calculation (both should be).

* TCP header is not included in the MAC calculation (it should be).

* TCP options are not included in the MAC calculation by default.


There is a separate parameter in the Master Key Tuple (MKT) [RFC5925] to ignore options; this 
document provides test vectors for both options-included and options-excluded cases. 
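
The checks listed in Sections 8.2 through 8.4 can be exercised against the Section 4.1.1 client SYN. The following Python sketch is an added example, not code from this document's authors: it recomputes Send_SYN_traffic_key and the HMAC-SHA-1-96 MAC from the published parameters, then repeats two of the listed mistakes to show that they stop matching. Function names are this example's own, and the input layout follows the descriptions cited above from [RFC5925] and [RFC5926].

```python
import hashlib
import hmac
import struct

# Parameters published in Sections 3.1 and 4.1.1 of this document.
MASTER_KEY = b"testvector"   # 10 bytes, no trailing NUL (Section 8.3)
LABEL = b"TCP-AO"            # 6 bytes, no trailing NUL (Section 8.3)
TCPOPT_AO = 29               # TCP-AO option kind (0x1d in the dumps)

# Section 4.1.1 client SYN: IPv4 header followed by the TCP segment.
SYN_PACKET = bytes.fromhex(
    "45e0004cdd0f4000ff06bf6b0a0b0c0d"
    "ac1b1c1de9d700b3fbfbab5a00000000"
    "e002ffffcac40000020405b401030308"
    "0402080a00155ab7000000001d103d54"
    "2ee437c6f8ede6d7c4d602e7"
)
EXPECTED_KEY = bytes.fromhex("6d63ef1b02fe1509d4b1402707fd7b0416abb74f")
EXPECTED_MAC = bytes.fromhex("2ee437c6f8ede6d7c4d602e7")


def split_ipv4(packet):
    """Return (src, dst, tcp_segment) for an IPv4 packet carrying TCP."""
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != 6 or total_len > len(packet):
        raise ValueError("not a complete IPv4/TCP packet")
    return packet[12:16], packet[16:20], packet[ihl:total_len]


def find_ao_mac(segment):
    """Return (start, end) offsets of the MAC inside the TCP-AO option."""
    header_len = (segment[12] >> 4) * 4
    i = 20
    while i < header_len:
        kind = segment[i]
        if kind == 0:                 # End of Option List
            break
        if kind == 1:                 # NOP: single byte, no length field
            i += 1
            continue
        if i + 1 >= header_len:
            break
        length = segment[i + 1]
        if length < 2 or i + length > header_len:
            raise ValueError("malformed TCP option")
        if kind == TCPOPT_AO:
            if length < 4:
                raise ValueError("TCP-AO option too short")
            return i + 4, i + length  # skip kind, length, KeyID, RNextKeyID
        i += length
    raise ValueError("no TCP-AO option present")


def kdf_hmac_sha1(master_key, src, dst, sport, dport, src_isn, dst_isn, label=LABEL):
    """KDF_HMAC_SHA1: counter i = 1, label, context, 160-bit output length."""
    context = src + dst + struct.pack("!HHII", sport, dport, src_isn, dst_isn)
    kdf_input = b"\x01" + label + context + struct.pack("!H", 160)
    return hmac.new(master_key, kdf_input, hashlib.sha1).digest()


def hmac_sha1_96(traffic_key, packet, sne=0, zero_checksum=True):
    """HMAC-SHA-1-96 over SNE, pseudo-header and TCP segment (options covered)."""
    src, dst, segment = split_ipv4(packet)
    segment = bytearray(segment)
    start, end = find_ao_mac(segment)
    segment[start:end] = bytes(end - start)   # MAC field zeroed
    if zero_checksum:
        segment[16:18] = b"\x00\x00"          # TCP checksum zeroed
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(segment))
    data = struct.pack("!I", sne) + pseudo + bytes(segment)
    return hmac.new(traffic_key, data, hashlib.sha1).digest()[:12]


def check_syn_vector():
    """Recompute the Section 4.1.1 key and MAC, then repeat two Section 8 mistakes."""
    src, dst, segment = split_ipv4(SYN_PACKET)
    sport, dport, isn = struct.unpack("!HHI", segment[:8])
    # Send_SYN_traffic_key: local ISN from the SYN, remote ISN not yet known (zero).
    key = kdf_hmac_sha1(MASTER_KEY, src, dst, sport, dport, isn, 0)
    nul_key = kdf_hmac_sha1(MASTER_KEY, src, dst, sport, dport, isn, 0,
                            label=LABEL + b"\x00")
    return {
        "key_ok": hmac.compare_digest(key, EXPECTED_KEY),
        "mac_ok": hmac.compare_digest(hmac_sha1_96(key, SYN_PACKET), EXPECTED_MAC),
        # Section 8.3 mistake: the label carries its C string terminator.
        "nul_label_key_ok": nul_key == EXPECTED_KEY,
        # Section 8.4 mistake: checksum left in place while computing the MAC.
        "unzeroed_checksum_mac_ok":
            hmac_sha1_96(key, SYN_PACKET, zero_checksum=False) == EXPECTED_MAC,
    }


if __name__ == "__main__":
    for name, ok in check_syn_vector().items():
        print(f"{name}: {ok}")
```
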

9. Security Considerations


This document is intended to assist in the validation of implementations of TCP-AO to further 
enable its more widespread use as a security mechanism to authenticate not only TCP payload 
contents but the TCP headers and protocol. 


The Master_Key of "testvector" used here for test vector generation SHOULD NOT be used
operationally.


10. IANA Considerations 


This document has no IANA actions. 